awslabs / aws-saas-boost

AWS SaaS Boost is a ready-to-use toolset that removes the complexity of successfully running SaaS workloads in the AWS cloud.
Apache License 2.0

Signout from admin web app does not work with Cognito #441

Closed brtrvn closed 1 year ago

brtrvn commented 1 year ago

Because Cognito does not follow the common log out pattern of OIDC, signing out of the admin web app does not actually end the session. It will redirect you to the sign in UI, but if your session tokens are not yet expired, you will be automatically signed back in as the same user.

Reproduction Steps

1. Choose Cognito as your system user identity provider during install
2. Sign into SaaS Boost and update your temporary password
3. Sign out of SaaS Boost
4. Click the sign in button
5. Instead of being prompted for a username and password, you are redirected back to the home page as the last signed in user

What did you expect to happen?

After signing out, being prompted for username and password at next sign in

Environment

Other


This is :bug: Bug Report
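
One way a web client can end the session at the identity provider on sign-out, as an added example that is not part of the issue or of the SaaS Boost code: the Cognito hosted UI takes `client_id` and `logout_uri` on its `/logout` endpoint instead of the `end_session_endpoint` parameters used by the common OIDC pattern. The domain, client id, storage key names and function names are constructed for illustration, and the sketch assumes the `logout_uri` value is registered as an allowed sign-out URL on the app client.

```javascript
// Added example, not SaaS Boost code. Domain, client id, storage keys and
// function names are constructed placeholders.

// Return the URL the browser must visit to end the session at the IdP.
// metadata: the provider's OIDC discovery document (may lack end_session_endpoint).
// cognitoDomain: base URL of the Cognito hosted UI, when Cognito is the provider.
function buildSignOutUrl({ metadata, cognitoDomain, clientId, idToken, returnTo }) {
  if (metadata && metadata.end_session_endpoint) {
    // Common OIDC pattern (RP-initiated logout).
    const url = new URL(metadata.end_session_endpoint);
    if (idToken) url.searchParams.set('id_token_hint', idToken);
    url.searchParams.set('post_logout_redirect_uri', returnTo);
    return url.toString();
  }
  if (cognitoDomain) {
    // Cognito hosted UI: GET /logout?client_id=...&logout_uri=...
    const url = new URL('/logout', cognitoDomain);
    url.searchParams.set('client_id', clientId);
    url.searchParams.set('logout_uri', returnTo);
    return url.toString();
  }
  throw new Error('No logout endpoint known for this identity provider');
}

// Clear locally held tokens, then send the browser to the IdP logout URL.
// Dropping the tokens alone leaves the hosted UI session in place, which is
// what signs the user straight back in at the next sign-in click.
function signOut(storage, navigate, options) {
  for (const key of ['id_token', 'access_token', 'refresh_token']) {
    storage.removeItem(key); // assumed key names
  }
  const url = buildSignOutUrl(options);
  navigate(url);
  return url;
}
```

In a browser, `storage` would be `window.sessionStorage` or `window.localStorage` and `navigate` would be `(u) => window.location.assign(u)`.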